All of the information, instructions, and recommendations on this Web site are offered on a strictly “as is” basis. Remember “Murphy’s Law.” You must take the proper precautions before attempting any of the tips or modifications listed on ConsciousVibes.com.
As always, before updating or modifying any part of your Operating System or using any of these tips:
- Back up your data.
- Back up your Registry files.
- Create an Emergency Boot disk that includes the drivers for your CD-ROM drive.
- Read the documentation for each update before you attempt to install it.
- Use these tips at your own risk.
- Read the Legal Information.
These are links to free ISO files that you can use to create bootable media that can diagnose and clean Windows systems.
Important
- Once your system has been compromised, you can never be 100% certain there isn’t any malware or rootkits still lurking in the OS, watching everything you do after a clean up.
- You should back up your data, format the drive, and do a clean installation of the OS and applications from CD/DVD/Flash Drives that you know are clean.
- You can use a Live Bootable Media to back up your important personal files (documents, photos, etc.).
- Read: Help: I Got Hacked. Now What Do I Do? and Help: I Got Hacked. Now What Do I Do? Part II
- Ventoy is an open source tool to create a bootable USB drive for ISO/WIM/IMG/VHD(x)/EFI files. With Ventoy, you don’t need to format the disk over and over; you just copy the ISO/WIM/IMG/VHD(x)/EFI files to the USB drive and boot them directly.
- Medicat is a toolkit that helps compile a selection of the latest computer diagnostic and recovery tools into an easy to use toolkit.
- Rufus is a utility that helps format and create bootable USB flash drives, such as USB keys/pendrives, memory sticks, etc.
Live Utility Discs
These are links to free ISO files that you can use to create bootable flash drives or discs.
Boot a PC from any of the following Live Discs to help you:
- Test the hardware without needing a working OS already installed.
- Partition, format, etc. the hard drive
- Determine the name of devices so that you can download the correct Windows device driver
- Fix or replace files to get Windows working again
- Copy your data from a system that won’t boot, as long as the drive is still working.
ISO Downloads
- Parted Magic
- Knoppix
- SystemRescueCd
- Ubuntu, KNOPPIX
- Kali Linux
- Lubuntu (for older, slower, or low resource PCs, with Intel, AMD, and PowerPC processors.)
To Scan and Clean Malware
From a computer that you know is free of any malware:
- Download the ISO
- Create/burn a bootable optical disc from the ISO
On the affected PC:
- Insert the Live disc into the affected PC
- Turn off the affected PC
- Turn on the affected PC and select the option to boot from the CD/DVD/Optical drive, and boot from the Live disc
- For Dell systems: Press F12 when it’s just starting to display the “One-time boot menu,” then select “CD/DVD/CD-RW Drive” to boot from the CD
- Use the Live disc to scan and clean the system
Downloads
Live Disc (CD/DVD) | Home Page | Based on | Updates? |
---|---|---|---|
BitDefender Rescue CD | BitDefender | Linux | Automatic |
Windows Defender Offline | Windows | ||
Comodo Cleaning Essentials (CCE) | |||
Kaspersky Rescue Disk | Kaspersky | Linux | Manual |
F-Secure Rescue CD | F-Secure | Linux | Automatic |
AVG Rescue CD | AVG | Linux | Manual |
Avira AntiVir Rescue System | Avira | Linux | ? |
Dr.Web LiveCD / Dr.Web LiveUSB | Dr.Web | Linux | Automatic |
Note: Automatic means the disc will automatically start downloading the latest updates if Internet access is available. Manual means that you have to initiate the update process once the application has loaded, before you start scanning.
Unhide Files After Trojan/Malware Aftermath
This is how to recover after a malware infection that hides directories and files, and may also add shortcuts with the names of the hidden directories.
To un-hide the directories/folders and files:
- Insert your affected USB flash drive into the PC, and make a note of the drive letter assigned to it.
- Open a command prompt and type the following command, and then press ENTER:
attrib -h -r -s /s /d X:\*.*
(Replace X: with the drive letter of your flash drive.)
- -h Clears the hidden file attribute
- -r Clears the Read-only file attribute
- -s Clears the system file attribute
- /s Processes matching files in the current directory and all subdirectories
- /d Processes folders as well
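You’ll also need to delete all the bogus shortcuts. Type the following command, and then press ENTER:
del /a /f /s X:\*.lnk
(Replace X: with the drive letter of your flash drive. This deletes every .lnk file on the drive, including any legitimate shortcuts.)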
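The attrib and del commands above act on every file and every shortcut on the drive. As an added example (not part of the original page), this PowerShell script lists what is hidden and which shortcuts share a name with a hidden folder before anything is changed. The parameter names Drive and Remove and the default X: are assumptions.

```powershell
# Added example, not from the original page: audit a flash drive before cleaning it.
param(
    [string]$Drive = 'X:',   # assumption: drive letter assigned to the affected flash drive
    [switch]$Remove          # hypothetical switch: delete only the shortcuts flagged below
)

$root  = "$Drive\"
# -Force returns hidden and system items, which a plain listing would skip.
$items = @(Get-ChildItem -LiteralPath $root -Recurse -Force -ErrorAction SilentlyContinue)

$mask   = [IO.FileAttributes]::Hidden -bor [IO.FileAttributes]::System
$hidden = @($items | Where-Object { $_.Attributes -band $mask })

# Index hidden folders by "parent path|name" so shortcuts can be matched against them.
$hiddenDirs = @{}
foreach ($d in ($hidden | Where-Object { $_.PSIsContainer })) {
    $hiddenDirs["$($d.Parent.FullName.TrimEnd('\'))|$($d.Name)"] = $true
}

# WScript.Shell reads where a .lnk points without launching it.
$shell = New-Object -ComObject WScript.Shell
$links = $items | Where-Object { -not $_.PSIsContainer -and $_.Extension -eq '.lnk' }
$suspect = @(foreach ($lnk in $links) {
    $key = "$($lnk.DirectoryName.TrimEnd('\'))|$($lnk.BaseName)"
    if ($hiddenDirs.ContainsKey($key)) {
        $sc = $shell.CreateShortcut($lnk.FullName)
        [pscustomobject]@{
            Shortcut  = $lnk.FullName
            Target    = $sc.TargetPath
            Arguments = $sc.Arguments
        }
    }
})

Write-Host "Hidden or system items: $($hidden.Count)"
$hidden | Select-Object FullName, Attributes | Format-Table -AutoSize | Out-Host
Write-Host "Shortcuts named after a hidden folder: $($suspect.Count)"
$suspect | Format-List | Out-Host

if ($Remove) {
    # Deletes only the flagged shortcuts, not every .lnk file on the drive.
    $suspect | ForEach-Object { Remove-Item -LiteralPath $_.Shortcut -Force }
}
```

Run it without -Remove first and check the Target and Arguments columns; the script never clears attributes, so the attrib step is still needed afterwards.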